Is the Azure Blob Storage connection string encrypted when stored in Micro Focus Content Manager 24.3?

Hello everyone,


I am currently working with CM 24.3, where I have configured Azure Blob Storage as a document store. The configuration requires entering a connection string with access/account keys, and I am trying to confirm if this connection string is encrypted when stored in the system.


Could anyone share insights into how CM 24.3 handles and stores these sensitive connection details? If encryption is used, is it possible to specify the encryption method?


Any guidance or references to documentation would be greatly appreciated. Thank you!

Thanks,

Swarup Moulik

  • Verified Answer

    +1  

    Hey Swarup,

    Ended up spinning up a 23.4 machine to take a look (I imagine it would be stored exactly the same way in 24.3)

    For myself, the AccountKey part of the AzureBlob connection string is 100% encrypted and looks to be done so using AES - for details around the exact cypher you may need to log a ticket to get the info direct from OT.

    The other values, account name, blob endpoint, of the connection string look to be stored as plaintext in the DB.

    How the entry appears in the DB

    This entire XML value is placed in an nvarchar(2000) column in one of the DB tables.

    Your DB access should always be tightly controlled and limited to the DBO account from the application and your select database team directly as even entries in the standard TSRECORD table can be considered extremely sensitive depending on the titles and metadata captured as part of your normal record creation with the tables essentially bypassing ALL inbuilt application controls.

    -Scotty